CVE-2025-40568
Status: Awaiting Analysis
BaseFortify

Publication date: 2025-06-10

Last updated on: 2026-01-13

Assigner: Siemens AG

Description
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). An internal session termination functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to terminate legitimate users' sessions.
Meta Information
Published: 2025-06-10
Last Modified: 2026-01-13
Generated: 2026-05-07
AI Q&A: 2025-06-10
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products
Currently, no data is known.
CWE
CWE-863: The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the web interface of certain Siemens Industrial Communication Devices running SINEC OS versions prior to V3.2. It is an incorrect authorization check in the internal session termination functionality, which allows an authenticated remote attacker with a 'guest' role to terminate legitimate users' sessions.


How can this vulnerability impact me?

An attacker with 'guest' role access can remotely terminate sessions of legitimate users, potentially disrupting normal device management and operations by forcing users to lose their active sessions unexpectedly.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability affects Siemens Industrial Communication Devices running SINEC OS versions prior to V3.2. Detection involves identifying devices with affected firmware versions. Siemens recommends verifying the device firmware version to confirm if it is less than V3.2. Specific commands are not provided in the resources, but checking device firmware versions via device management interfaces or network scanning tools that identify device types and firmware versions is advised. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to update all affected Siemens Industrial Communication Devices to SINEC OS version 3.2 or later. Additionally, protect network access to these devices and configure the operational environment according to Siemens' Industrial Security guidelines to reduce exposure. [1]

